#3205 closed task (fixed)
cups-1.4.5, with security fix
| Reported by: | Owned by: | Randy McMurchy | |
|---|---|---|---|
| Priority: | normal | Milestone: | |
| Component: | BOOK | Version: | SVN |
| Severity: | normal | Keywords: | |
| Cc: |
Description
Version upgrade, includes fix for CVE-2010-2941. From the mitre report:
ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request.
Loads of other fixes, see http://www.cups.org/articles.php?L597
Change History (3)
comment:1 by , 13 years ago
| Owner: | changed from to |
|---|---|
| Status: | new → assigned |
comment:2 by , 13 years ago
| Resolution: | → fixed |
|---|---|
| Status: | assigned → closed |
Updated BLFS to CUPS-1.4.5
Note:
See TracTickets
for help on using tickets.
I'm installing this right at this moment. I'll update the book.